Adam Back adam at
Tue Jan 3 17:51:08 EST 2006

On Tue, Jan 03, 2006 at 10:10:50PM +0000, Ben Laurie wrote:
> Jack Lloyd wrote:
> > Some relevant and recent data: in some tests I ran this weekend
> > [gmp faster than openssl]
> > AFAIK blinding alone can protect against all (publicly known)
> > timing attacks; am I wrong about this?
> Yes, you are - there's the cache attack, which requires the attacker to
> have an account on the same machine. I guess I shouldn't have called it
> constant time, since its really constant memory access that defends
> against this.

Does openSSL defend against cache related attacks?


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list